From d42244b3974c7898142f09a807c6c17c2343a981 Mon Sep 17 00:00:00 2001 From: Noah Meyerhans Date: Mon, 14 Jan 2008 21:40:08 +0000 Subject: [PATCH] merge changes for trunk revisions 2899:2934 to etch-backports --- configure | 4 +- configure-libafs | 4 +- configure-libafs.in | 4 +- configure.in | 4 +- debian/README.Debian | 48 ++- debian/changelog | 45 ++- debian/control | 2 +- debian/copyright | 4 +- debian/openafs-client.postinst | 21 +- debian/openafs-client.postrm | 38 +- debian/openafs-dbserver.postrm | 28 ++ debian/openafs-fileserver.postinst | 12 +- debian/openafs-fileserver.postrm | 14 +- debian/patches/alloc-vnode | 34 ++ debian/patches/linux-2.6.24 | 421 +++++++++++++++++++ debian/patches/multiple-local-realms | 578 +++++++++++++++++++++++++++ debian/patches/series | 3 + debian/rules | 11 +- src/viced/afsfileprocs.c | 4 +- src/viced/callback.c | 7 +- src/viced/host.c | 3 +- src/viced/viced.c | 5 +- src/vol/partition.c | 4 +- 23 files changed, 1212 insertions(+), 86 deletions(-) create mode 100644 debian/openafs-dbserver.postrm create mode 100644 debian/patches/alloc-vnode create mode 100644 debian/patches/linux-2.6.24 create mode 100644 debian/patches/multiple-local-realms diff --git a/configure b/configure index e62e8d70d..917e0a087 100755 --- a/configure +++ b/configure @@ -2170,7 +2170,7 @@ fi # Define the identity of the package. PACKAGE=openafs - VERSION=1.4.5 + VERSION=1.4.6 cat >>confdefs.h <<_ACEOF @@ -2318,7 +2318,7 @@ am__tar='${AMTAR} chof - "$$tardir"'; am__untar='${AMTAR} xf -' ac_config_headers="$ac_config_headers src/config/afsconfig.h" -MACOS_VERSION=1.4.5 +MACOS_VERSION=1.4.6 diff --git a/configure-libafs b/configure-libafs index 39092b039..e65bc9a6b 100755 --- a/configure-libafs +++ b/configure-libafs @@ -2170,7 +2170,7 @@ fi # Define the identity of the package. PACKAGE=openafs-libafs - VERSION=1.4.5 + VERSION=1.4.6 cat >>confdefs.h <<_ACEOF @@ -2318,7 +2318,7 @@ am__tar='${AMTAR} chof - "$$tardir"'; am__untar='${AMTAR} xf -' ac_config_headers="$ac_config_headers src/config/afsconfig.h" -MACOS_VERSION=1.4.5 +MACOS_VERSION=1.4.6 diff --git a/configure-libafs.in b/configure-libafs.in index 8c211b0ee..7c24361aa 100644 --- a/configure-libafs.in +++ b/configure-libafs.in @@ -1,7 +1,7 @@ AC_INIT(src/libafs/Makefile.common.in) -AM_INIT_AUTOMAKE(openafs-libafs,1.4.5) +AM_INIT_AUTOMAKE(openafs-libafs,1.4.6) AC_CONFIG_HEADER(src/config/afsconfig.h) -MACOS_VERSION=1.4.5 +MACOS_VERSION=1.4.6 AC_SUBST(MACOS_VERSION) diff --git a/configure.in b/configure.in index 350778c58..ba72e0a37 100644 --- a/configure.in +++ b/configure.in @@ -1,7 +1,7 @@ AC_INIT(src/config/stds.h) -AM_INIT_AUTOMAKE(openafs,1.4.5) +AM_INIT_AUTOMAKE(openafs,1.4.6) AC_CONFIG_HEADER(src/config/afsconfig.h) -MACOS_VERSION=1.4.5 +MACOS_VERSION=1.4.6 AC_SUBST(MACOS_VERSION) diff --git a/debian/README.Debian b/debian/README.Debian index 5a0c0bf51..f7b69a9ab 100644 --- a/debian/README.Debian +++ b/debian/README.Debian @@ -45,6 +45,21 @@ Documentation secure than the one in the OpenAFS documentation, but the OpenAFS documentation provides useful background. +Build Options + + The OpenAFS servers have been built with --enable-supergroups, which + permits nesting of PTS groups. Be aware that the PT database created by + these packages is not compatible with servers not built with + --enable-supergroups if nested PTS groups are used. In other words, if + you need the openafs-dbserver package to interoperate with ptservers + that aren't built with this option, don't use this capability. + + bosserver is built with --enable-bos-new-config. If + /etc/openafs/BosConfig.new exists when bosserver starts, it will be + renamed to /etc/openafs/BosConfig before the configuration file is + read. This allows queuing of changes to the configuration that will + take effect at the next restart. + Changes Relative to Stock OpenAFS Long-time AFS users may be confused by the directory layout. The files @@ -60,6 +75,14 @@ Changes Relative to Stock OpenAFS To distinguish between an SMP and a non-SMP kernel module package, use --append_to_version; see README.modules for more information. + The OpenAFS servers have been patched to support listing up to four + realms in /etc/openafs/server/krb.conf. Any realms listed in that file + (all on one line, space-separated) will be treated as local for + authorization decisions (in other words, the relam will be stripped off + and the unqualified principal name checked against AFS ACLs, UserList, + PTS groups, and so forth). The default OpenAFS server only supports + listing one realm in this file. + The AFS up utility is installed as afs-up, since the standard name is rather generic. @@ -74,7 +97,7 @@ Changes Relative to Stock OpenAFS The OpenAFS PAM modules have been built with pthreads rather than the standard LWP AFS libraries for compatibility with a threaded sshd. -Debugging +Debugging and Bug Reporting The current OpenAFS installation process installs fileserver and volserver unstripped, since backtraces and other debugging information @@ -89,6 +112,27 @@ Debugging for all OpenAFS binaries. This is pending upstream changes to the stock OpenAFS installation rules. + When reporting a bug in the OpenAFS client, please include your exact + kernel version and architecture (reportbug will do this for you). Also, + if the client caused a kernel oops or BUG, be sure to include the + complete kernel output, including the lines before the oops. That's + where the OpenAFS error message, if any, will be. + + When reporting a bug in the OpenAFS file server, please include + backtrace information from a core dump, if any. If the file server is + deadlocked, you can capture a core dump using the gcore script that + comes with the gdb package. The file server is threaded, so use the + command "thread apply all backtrace" in gdb to get a complete backtrace. + It's also often useful to have the output of rxdebug 7000 at + the time of the problem and the FileLog from the file server. You can + increase the logging level of the file server with kill -TSTP (and reset + it to 0 with kill -HUP). + + You can report any bug in OpenAFS against the Debian package with + reportbug and the OpenAFS package maintainers will forward the bug + upstream as necessary. If you do want to report a bug directly + upstream, see http://www.openafs.org/ for bug reporting instructions. + PAM Authentication Any new OpenAFS cell is strongly encouraged to use Kerberos v5 for @@ -138,4 +182,4 @@ PAM Authentication the openafs-kpasswd package to get the administrative utilities for managing those Kerberos accounts. - -- Russ Allbery , Tue, 26 Sep 2006 16:32:58 z + -- Russ Allbery , Mon, 17 Dec 2007 18:29:42 -0800 diff --git a/debian/changelog b/debian/changelog index 7be4d32dd..f52af06f5 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,8 +1,47 @@ -openafs (1.4.5.dfsg1-1~40bpo1) etch-backports; urgency=low +openafs (1.4.6.dfsg1-2~40bpo1) etch-backports; urgency=low - * Backport to etch + * Backport 1.4.6.dfsg1-2 to etch. - -- Noah Meyerhans Fri, 16 Nov 2007 15:04:34 -0500 + -- Noah Meyerhans Mon, 14 Jan 2008 16:41:42 -0500 + +openafs (1.4.6.dfsg1-2) unstable; urgency=low + + * Apply additional upstream patches to the 2.6.24 support to fix + builds with older kernels. Thanks to Felix Koop for the testing. + (Closes: #458331) + * Remove old /etc/openafs/server-local files from older versions when + purging openafs-fileserver. + * Minor reformatting of openafs-client's postrm. + * Remove databases on purge of openafs-dbserver. + * Remove log files when purging openafs-fileserver or openafs-dbserver + per Policy 10.8. + + -- Russ Allbery Sun, 30 Dec 2007 15:08:04 -0800 + +openafs (1.4.6.dfsg1-1) unstable; urgency=low + + * New upstream release. + - Fixes multiple serious problems with the file server. + * Apply upstream patch for Linux 2.6.24 support. Thanks to Anders + Kaseorg for researching the necessary deltas. (Closes: #456258) + * Apply upstream patch to allocate vnodes from the malloc pool rather + than off the stack, fixing file server problems on SPARC. Thanks to + Barney Sowood for tracking down the patch. (Closes: #448380) + * Apply upstream patch from the 1.5 series to allow multiple realms to + be listed in the server krb.conf and hence treated as local. + * Build bosserver with --enable-bos-new-config. On startup, if + BosConfig.new exists, it will be renamed to BosConfig before the + configuration is read. (Closes: #453398) + * Add a comment to /etc/openafs/afs.conf.client that the file is managed + by debconf. (Closes: #447183) + * Add more debugging and bug reporting instructions to README.Debian. + * Mention in README.Debian that the server is built with supergroups + enabled and with the multiple local realm patch. (Closes: #453399) + * Support reconfigure in postinst. + * Recode debian/copyright to UTF-8. + * Update to standards version 3.7.3 (no changes required). + + -- Russ Allbery Mon, 17 Dec 2007 20:19:13 -0800 openafs (1.4.5.dfsg1-1) unstable; urgency=low diff --git a/debian/control b/debian/control index 3798f985a..d8b53d934 100644 --- a/debian/control +++ b/debian/control @@ -5,7 +5,7 @@ Maintainer: Sam Hartman Uploaders: Russ Allbery Build-Depends: debhelper (>= 5), libncurses5-dev, libpam0g-dev, bison, flex, perl, comerr-dev, libkrb5-dev, autoconf, automake, quilt (>= 0.40) -Standards-Version: 3.7.2 +Standards-Version: 3.7.3 Homepage: http://www.openafs.org/ Package: openafs-client diff --git a/debian/copyright b/debian/copyright index 55e7ed16f..ee56891f4 100644 --- a/debian/copyright +++ b/debian/copyright @@ -159,7 +159,7 @@ Copyright: Each Contributor must include the following in a conspicuous location in the Program: - Copyright © {date here}, International Business Machines Corporation + Copyright © {date here}, International Business Machines Corporation and others. All Rights Reserved. In addition, each Contributor must identify itself as the originator @@ -279,7 +279,7 @@ Copyright: Kerberos 5 ticket support in rxkad is subject to the following copyright: /* - * Copyright (c) 1995, 1996, 1997, 2002 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997, 2002 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * diff --git a/debian/openafs-client.postinst b/debian/openafs-client.postinst index a12cbdb6b..7ead85cb6 100644 --- a/debian/openafs-client.postinst +++ b/debian/openafs-client.postinst @@ -1,19 +1,9 @@ #! /bin/sh -# -# Summary of how this script can be called: -# -# * `configure' -# * `abort-upgrade' -# * `abort-remove' `in-favour' -# -# * `abort-deconfigure' `in-favour' -# `removing' -# set -e case "$1" in -configure) +configure|reconfigure) update-alternatives --install /usr/bin/pagsh pagsh \ /usr/bin/pagsh.openafs 100 \ --slave /usr/share/man/man1/pagsh.1.gz pagsh.1.gz \ @@ -67,6 +57,12 @@ configure) db_get openafs-client/cachesize echo /afs:/var/cache/openafs:$RET >/etc/openafs/cacheinfo + echo <<'EOF' > /etc/openafs/afs.conf.client +# This file is managed by debconf. Do not edit directly. To modify these +# settings, run dpkg-reconfigure openafs-client. + +EOF + db_get openafs-client/run-client echo AFS_CLIENT=$RET >/etc/openafs/afs.conf.client db_get openafs-client/afsdb @@ -88,9 +84,6 @@ abort-upgrade|abort-remove|abort-deconfigure) ;; esac -# dh_installdeb will replace this with shell code automatically -# generated by other debhelper scripts. - #DEBHELPER# exit 0 diff --git a/debian/openafs-client.postrm b/debian/openafs-client.postrm index 08fa0b564..789c1eda2 100644 --- a/debian/openafs-client.postrm +++ b/debian/openafs-client.postrm @@ -1,43 +1,21 @@ #! /bin/sh -# postrm script for openafs -# -# see: dh_installdeb(1) set -e -# summary of how this script can be called: -# * `remove' -# * `purge' -# * `upgrade' -# * `failed-upgrade' -# * `abort-install' -# * `abort-install' -# * `abort-upgrade' -# * `disappear' overwrit>r> -# for details, see /usr/share/doc/packaging-manual/ - case "$1" in purge) rmdir /afs 2>/dev/null || true - rm /etc/openafs/cacheinfo 2>/dev/null ||true - rm /etc/openafs/CellServDB 2>/dev/null ||true - rm /etc/openafs/ThisCell 2>/dev/null ||true - rm /etc/openafs/afs.conf.client 2>/dev/null || true + for file in cacheinfo CellServDB ThisCell afs.conf.client ; do + rm -f "/etc/openafs/$file" + done ;; - remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear) - - ;; - - *) - echo "postrm called with unknown argument \`$1'" >&2 - exit 0 +remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear) + ;; +*) + echo "postrm called with unknown argument $1" >&2 + exit 0 esac -# dh_installdeb will replace this with shell code automatically -# generated by other debhelper scripts. - #DEBHELPER# - - diff --git a/debian/openafs-dbserver.postrm b/debian/openafs-dbserver.postrm new file mode 100644 index 000000000..610767941 --- /dev/null +++ b/debian/openafs-dbserver.postrm @@ -0,0 +1,28 @@ +#! /bin/sh +# postrm script for openafs-dbserver +# +# Purges the database and log files created by the package. We assume that +# it's safe to do this for database files since they're normally transferred +# via Ubik to other hosts. + +set -e + +case "$1" in +purge) + for file in prdb.DB0 prdb.DBSYS1 vldb.DB0 vldb.DBSYS1 ; do + rm -f "/var/lib/openafs/db/$file" + done + for file in PtLog PtLog.old VLLog VLLog.old ; do + rm -f "/var/log/openafs/$file" + done + ;; + +remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear) + ;; + +*) + echo "postrm called with unknown argument $1" >&2 + exit 0 +esac + +#DEBHELPER# diff --git a/debian/openafs-fileserver.postinst b/debian/openafs-fileserver.postinst index cd1be200b..85319150e 100644 --- a/debian/openafs-fileserver.postinst +++ b/debian/openafs-fileserver.postinst @@ -1,14 +1,4 @@ -#!/bin/sh -e -# -# Summary of how this script can be called: -# -# * `configure' -# * `abort-upgrade' -# * `abort-remove' `in-favour' -# -# * `abort-deconfigure' `in-favour' -# `removing' -# +#!/bin/sh set -e diff --git a/debian/openafs-fileserver.postrm b/debian/openafs-fileserver.postrm index ff59a1f2d..ce578443e 100644 --- a/debian/openafs-fileserver.postrm +++ b/debian/openafs-fileserver.postrm @@ -21,6 +21,18 @@ purge) rm -f "/var/lib/openafs/local/$file" done rm -f /etc/openafs/BosConfig + for file in BosLog FileLog SalvageLog VolserLog ; do + rm -f "/var/log/openafs/$file" + rm -f "/var/log/openafs/$file.old" + done + + # Clean up after files left behind from older versions of the package. + if [ -d /etc/openafs/server-local ] ; then + for file in SALVAGE.fs fssync.sock salvage.lock sysid sysid.old ; do + rm -f "/etc/openafs/server-local/$file" + done + rmdir --ignore-fail-on-non-empty /etc/openafs/server-local + fi ;; remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear) @@ -32,5 +44,3 @@ remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear) esac #DEBHELPER# - - diff --git a/debian/patches/alloc-vnode b/debian/patches/alloc-vnode new file mode 100644 index 000000000..9c4d535c3 --- /dev/null +++ b/debian/patches/alloc-vnode @@ -0,0 +1,34 @@ +Allocate vnodes rather than using the stack, which fixes file server +problems on SPARC. Upstream delta: + +STABLE14-volprocs-alloc-vnode-instead-of-using-stack-20071126 + +Debian Bug#448380 + +--- openafs.orig/src/volser/volprocs.c ++++ openafs/src/volser/volprocs.c +@@ -210,14 +210,14 @@ + struct acl_accessList *ACL; + ViceFid did; + Inode inodeNumber, nearInode; +- char buf[SIZEOF_LARGEDISKVNODE]; +- struct VnodeDiskObject *vnode = (struct VnodeDiskObject *)buf; ++ struct VnodeDiskObject *vnode; + struct VnodeClassInfo *vcp = &VnodeClassInfo[vLarge]; + IHandle_t *h; + FdHandle_t *fdP; + int code; + afs_fsize_t length; + ++ vnode = (struct VnodeDiskObject *)malloc(SIZEOF_LARGEDISKVNODE); + memset(vnode, 0, SIZEOF_LARGEDISKVNODE); + + V_pref(vp, nearInode); +@@ -282,6 +282,7 @@ + VNDISK_GET_LEN(length, vnode); + V_diskused(vp) = nBlocks(length); + ++ free(vnode); + return 1; + } + diff --git a/debian/patches/linux-2.6.24 b/debian/patches/linux-2.6.24 new file mode 100644 index 000000000..930e29996 --- /dev/null +++ b/debian/patches/linux-2.6.24 @@ -0,0 +1,421 @@ +Add support for Linux 2.6.24. This patch combines the upstream deltas: + +STABLE14-linux-afs-unlinked-file-dentry-flagging-20071031 +STABLE14-linux-nsec-timestamp-zero-20071106 +STABLE14-linux-splice-support-20071106 +STABLE14-linux-2624-20071123 +STABLE14-linux-try-kbuild-deal-with-old-modpost-20071127 +STABLE14-linux24-kernel-configure-test-20071208 + +Debian Bug#456258, Bug#458331 + +--- openafs.orig/acinclude.m4 ++++ openafs/acinclude.m4 +@@ -582,6 +582,9 @@ + ) + + LINUX_KERNEL_COMPILE_WORKS ++ LINUX_KBUILD_USES_EXTRA_CFLAGS ++ LINUX_HAVE_CURRENT_KERNEL_TIME ++ LINUX_KMEM_CACHE_INIT + LINUX_HAVE_KMEM_CACHE_T + LINUX_KMEM_CACHE_CREATE_TAKES_DTOR + LINUX_CONFIG_H_EXISTS +@@ -614,12 +617,14 @@ + LINUX_AOP_WRITEBACK_CONTROL + LINUX_FS_STRUCT_FOP_HAS_FLOCK + LINUX_FS_STRUCT_FOP_HAS_SENDFILE ++ LINUX_FS_STRUCT_FOP_HAS_SPLICE + LINUX_KERNEL_LINUX_SYSCALL_H + LINUX_KERNEL_LINUX_SEQ_FILE_H + LINUX_KERNEL_POSIX_LOCK_FILE_WAIT_ARG + LINUX_KERNEL_SELINUX + LINUX_KERNEL_SOCK_CREATE + LINUX_KERNEL_PAGE_FOLLOW_LINK ++ LINUX_KEY_TYPE_H_EXISTS + LINUX_NEED_RHCONFIG + LINUX_RECALC_SIGPENDING_ARG_TYPE + LINUX_SCHED_STRUCT_TASK_STRUCT_HAS_PARENT +@@ -647,6 +652,7 @@ + LINUX_GENERIC_FILE_AIO_READ + LINUX_INIT_WORK_HAS_DATA + LINUX_REGISTER_SYSCTL_TABLE_NOFLAG ++ LINUX_SYSCTL_TABLE_CHECKING + LINUX_EXPORTS_SYS_CHDIR + LINUX_EXPORTS_SYS_CLOSE + LINUX_EXPORTS_SYS_OPEN +@@ -720,6 +726,9 @@ + if test "x$ac_cv_linux_config_h_exists" = "xyes" ; then + AC_DEFINE(CONFIG_H_EXISTS, 1, [define if config.h exists]) + fi ++ if test "x$ac_cv_linux_key_type_h_exists" = "xyes" ; then ++ AC_DEFINE(KEY_TYPE_H_EXISTS, 1, [define if key-type.h exists]) ++ fi + if test "x$ac_cv_linux_defines_for_each_process" = "xyes" ; then + AC_DEFINE(DEFINED_FOR_EACH_PROCESS, 1, [define if for_each_process defined]) + fi +@@ -861,15 +870,27 @@ + if test "x$ac_cv_linux_fs_struct_fop_has_sendfile" = "xyes" ; then + AC_DEFINE(STRUCT_FILE_OPERATIONS_HAS_SENDFILE, 1, [define if your struct file_operations has sendfile]) + fi ++ if test "x$ac_cv_linux_fs_struct_fop_has_splice" = "xyes" ; then ++ AC_DEFINE(STRUCT_FILE_OPERATIONS_HAS_SPLICE, 1, [define if your struct file_operations has splice_write and splice_read]) ++ fi + if test "x$ac_cv_linux_register_sysctl_table_noflag" = "xyes" ; then + AC_DEFINE(REGISTER_SYSCTL_TABLE_NOFLAG, 1, [define if register_sysctl_table has no insert_at head flag]) + fi ++ if test "x$ac_cv_linux_sysctl_table_checking" = "xyes" ; then ++ AC_DEFINE(SYSCTL_TABLE_CHECKING, 1, [define if your kernel has sysctl table checking]) ++ fi + if test "x$ac_cv_linux_exports_tasklist_lock" = "xyes" ; then + AC_DEFINE(EXPORTED_TASKLIST_LOCK, 1, [define if tasklist_lock exported]) + fi + if test "x$ac_cv_linux_have_kmem_cache_t" = "xyes" ; then + AC_DEFINE(HAVE_KMEM_CACHE_T, 1, [define if kmem_cache_t exists]) + fi ++ if test "x$ac_cv_linux_kmem_cache_init" = "xyes" ; then ++ AC_DEFINE(KMEM_CACHE_INIT, 1, [define for new kmem_cache init function parameters]) ++ fi ++ if test "x$ac_cv_linux_have_current_kernel_time" = "xyes" ; then ++ AC_DEFINE(HAVE_CURRENT_KERNEL_TIME, 1, [define if current_kernel_time() exists]) ++ fi + if test "x$ac_cv_linux_have_kmem_cache_t" = "xyes" ; then + AC_DEFINE(KMEM_CACHE_TAKES_DTOR, 1, [define if kmem_cache_create takes a destructor argument]) + fi +--- openafs.orig/src/afs/LINUX/osi_machdep.h ++++ openafs/src/afs/LINUX/osi_machdep.h +@@ -76,7 +76,18 @@ + + #define afs_hz HZ + #include "h/sched.h" ++#if defined(HAVE_CURRENT_KERNEL_TIME) ++static inline time_t osi_Time(void) { ++ struct timespec xtime; ++ xtime = current_kernel_time(); ++ return xtime.tv_sec; ++} ++#else + #define osi_Time() (xtime.tv_sec) ++#endif ++ ++ ++ + #ifdef AFS_LINUX_64BIT_KERNEL + #define osi_GetTime(V) \ + do { \ +--- openafs.orig/src/afs/LINUX/osi_sysctl.c ++++ openafs/src/afs/LINUX/osi_sysctl.c +@@ -1,7 +1,7 @@ + /* + * osi_sysctl.c: Linux sysctl interface to OpenAFS + * +- * $Id: osi_sysctl.c,v 1.7.2.5 2007/06/12 18:28:49 shadow Exp $ ++ * $Id: osi_sysctl.c,v 1.7.2.6 2007/11/23 13:45:04 shadow Exp $ + * + * Written Jan 30, 2002 by Kris Van Hees (Sine Nomine Associates) + */ +@@ -28,7 +28,11 @@ + + static ctl_table afs_sysctl_table[] = { + { ++#if defined(SYSCTL_TABLE_CHECKING) ++ .ctl_name = CTL_UNNUMBERED, ++#else + .ctl_name = 1, ++#endif + .procname = "hm_retry_RO", + .data = &hm_retry_RO, + .maxlen = sizeof(afs_int32), +@@ -36,7 +40,11 @@ + .proc_handler = &proc_dointvec + }, + { ++#if defined(SYSCTL_TABLE_CHECKING) ++ .ctl_name = CTL_UNNUMBERED, ++#else + .ctl_name = 2, ++#endif + .procname = "hm_retry_RW", + .data = &hm_retry_RW, + .maxlen = sizeof(afs_int32), +@@ -44,7 +52,11 @@ + .proc_handler = &proc_dointvec + }, + { ++#if defined(SYSCTL_TABLE_CHECKING) ++ .ctl_name = CTL_UNNUMBERED, ++#else + .ctl_name = 3, ++#endif + .procname = "hm_retry_int", + .data = &hm_retry_int, + .maxlen = sizeof(afs_int32), +@@ -52,7 +64,11 @@ + .proc_handler = &proc_dointvec + }, + { ++#if defined(SYSCTL_TABLE_CHECKING) ++ .ctl_name = CTL_UNNUMBERED, ++#else + .ctl_name = 4, ++#endif + .procname = "GCPAGs", + .data = &afs_gcpags, + .maxlen = sizeof(afs_int32), +@@ -60,7 +76,11 @@ + .proc_handler = &proc_dointvec + }, + { ++#if defined(SYSCTL_TABLE_CHECKING) ++ .ctl_name = CTL_UNNUMBERED, ++#else + .ctl_name = 5, ++#endif + .procname = "rx_deadtime", + .data = &afs_rx_deadtime, + .maxlen = sizeof(afs_int32), +@@ -68,7 +88,11 @@ + .proc_handler = &proc_dointvec + }, + { ++#if defined(SYSCTL_TABLE_CHECKING) ++ .ctl_name = CTL_UNNUMBERED, ++#else + .ctl_name = 6, ++#endif + .procname = "bkVolPref", + .data = &afs_bkvolpref, + .maxlen = sizeof(afs_int32), +@@ -80,7 +104,11 @@ + + static ctl_table fs_sysctl_table[] = { + { ++#if defined(SYSCTL_TABLE_CHECKING) ++ .ctl_name = CTL_UNNUMBERED, ++#else + .ctl_name = 1, ++#endif + .procname = "afs", + .mode = 0555, + .child = afs_sysctl_table +--- openafs.orig/src/afs/LINUX/osi_vfsops.c ++++ openafs/src/afs/LINUX/osi_vfsops.c +@@ -16,7 +16,7 @@ + #include "afs/param.h" + + RCSID +- ("$Header: /cvs/openafs/src/afs/LINUX/osi_vfsops.c,v 1.29.2.26 2007/10/15 12:42:26 shadow Exp $"); ++ ("$Header: /cvs/openafs/src/afs/LINUX/osi_vfsops.c,v 1.29.2.28 2007/11/23 13:45:04 shadow Exp $"); + + #define __NO_VERSION__ /* don't define kernel_version in module.h */ + #include /* early to avoid printf->printk mapping */ +@@ -295,8 +295,12 @@ + #if defined(HAVE_KMEM_CACHE_T) + init_once(void * foo, kmem_cache_t * cachep, unsigned long flags) + #else ++#if defined(KMEM_CACHE_INIT) ++init_once(struct kmem_cache * cachep, void * foo) ++#else + init_once(void * foo, struct kmem_cache * cachep, unsigned long flags) + #endif ++#endif + { + struct vcache *vcp = (struct vcache *) foo; + +@@ -531,8 +535,11 @@ + ip->i_size = vp->va_size; + #if defined(AFS_LINUX26_ENV) + ip->i_atime.tv_sec = vp->va_atime.tv_sec; ++ ip->i_atime.tv_nsec = 0; + ip->i_mtime.tv_sec = vp->va_mtime.tv_sec; ++ ip->i_mtime.tv_nsec = 0; + ip->i_ctime.tv_sec = vp->va_ctime.tv_sec; ++ ip->i_ctime.tv_nsec = 0; + #else + ip->i_atime = vp->va_atime.tv_sec; + ip->i_mtime = vp->va_mtime.tv_sec; +--- openafs.orig/src/afs/LINUX/osi_vnodeops.c ++++ openafs/src/afs/LINUX/osi_vnodeops.c +@@ -22,7 +22,7 @@ + #include "afs/param.h" + + RCSID +- ("$Header: /cvs/openafs/src/afs/LINUX/osi_vnodeops.c,v 1.81.2.57 2007/10/15 12:42:26 shadow Exp $"); ++ ("$Header: /cvs/openafs/src/afs/LINUX/osi_vnodeops.c,v 1.81.2.59 2007/11/06 18:35:32 shadow Exp $"); + + #include "afs/sysincludes.h" + #include "afsincludes.h" +@@ -643,6 +643,10 @@ + #if defined(AFS_LINUX26_ENV) && defined(STRUCT_FILE_OPERATIONS_HAS_SENDFILE) + .sendfile = generic_file_sendfile, + #endif ++#if defined(AFS_LINUX26_ENV) && defined(STRUCT_FILE_OPERATIONS_HAS_SPLICE) ++ .splice_write = generic_file_splice_write, ++ .splice_read = generic_file_splice_read, ++#endif + .release = afs_linux_release, + .fsync = afs_linux_fsync, + .lock = afs_linux_lock, +@@ -878,6 +882,15 @@ + AFS_GLOCK(); + (void) afs_InactiveVCache(vcp, NULL); + AFS_GUNLOCK(); ++#ifdef DCACHE_NFSFS_RENAMED ++#ifdef AFS_LINUX26_ENV ++ spin_lock(&dp->d_lock); ++#endif ++ dp->d_flags &= ~DCACHE_NFSFS_RENAMED; ++#ifdef AFS_LINUX26_ENV ++ spin_unlock(&dp->d_lock); ++#endif ++#endif + + iput(ip); + } +@@ -1095,6 +1108,15 @@ + } + tvc->uncred = credp; + tvc->states |= CUnlinked; ++#ifdef DCACHE_NFSFS_RENAMED ++#ifdef AFS_LINUX26_ENV ++ spin_lock(&dp->d_lock); ++#endif ++ dp->d_flags |= DCACHE_NFSFS_RENAMED; ++#ifdef AFS_LINUX26_ENV ++ spin_unlock(&dp->d_lock); ++#endif ++#endif + } else { + osi_FreeSmallSpace(__name); + } +--- openafs.orig/src/afs/sysincludes.h ++++ openafs/src/afs/sysincludes.h +@@ -75,6 +75,9 @@ + #if defined(LINUX_KEYRING_SUPPORT) + #include + #include ++#if defined(KEY_TYPE_H_EXISTS) ++#include ++#endif + #ifndef KEY_ALLOC_IN_QUOTA + #define KEY_ALLOC_IN_QUOTA 1 + #endif +--- openafs.orig/src/cf/linux-test1.m4 ++++ openafs/src/cf/linux-test1.m4 +@@ -2,9 +2,12 @@ + # [ACTION-IF-SUCCESS], [ACTION-IF-FAILURE]) + # + AC_DEFUN([AC_TRY_KBUILD26],[ rm -fr conftest.dir ++ if test "x$ac_linux_kbuild_requires_extra_cflags" = "xyes" ; then ++ CFLAGS_PREFIX='EXTRA_' ++ fi + if mkdir conftest.dir && + cat >conftest.dir/Makefile <<_ACEOF && +-CFLAGS += $CPPFLAGS ++${CFLAGS_PREFIX}CFLAGS += $CPPFLAGS + + obj-m += conftest.o + _ACEOF +@@ -24,8 +27,9 @@ + + MODULE_LICENSE("http://www.openafs.org/dl/license10.html"); + _ACEOF +- echo make -C $LINUX_KERNEL_PATH M=$SRCDIR_PARENT/conftest.dir modules KBUILD_VERBOSE=1 >&AS_MESSAGE_LOG_FD +- make -C $LINUX_KERNEL_PATH M=$SRCDIR_PARENT/conftest.dir modules KBUILD_VERBOSE=1 >&AS_MESSAGE_LOG_FD 2>conftest.err ++ echo make -C $LINUX_KERNEL_PATH M=$SRCDIR_PARENT/conftest.dir modules KBUILD_VERBOSE=1 >&AS_MESSAGE_LOG_FD && ++ make -C $LINUX_KERNEL_PATH M=$SRCDIR_PARENT/conftest.dir modules KBUILD_VERBOSE=1 >&AS_MESSAGE_LOG_FD 2>conftest.err && ++ ! grep "^WARNING: .* undefined!$" conftest.err >/dev/null 2>&1 + then [$3] + else + sed '/^ *+/d' conftest.err >&AS_MESSAGE_LOG_FD +@@ -42,8 +46,10 @@ + # + AC_DEFUN([AC_TRY_KBUILD24], [ + ac_save_CPPFLAGS="$CPPFLAGS" +- CPPFLAGS="-I$LINUX_KERNEL_PATH/include -D__KERNEL__ $CPPFLAGS" +- AC_TRY_COMPILE([$1], [$2], [$3], [$4]) ++ CPPFLAGS="-I$LINUX_KERNEL_PATH/include -D__KERNEL__ -Werror-implicit-function-declaration $CPPFLAGS" ++ AC_TRY_COMPILE([ ++#include ++$1], [$2], [$3], [$4]) + CPPFLAGS="$ac_save_CPPFLAGS"]) + + +@@ -65,3 +71,16 @@ + [],:,AC_MSG_RESULT(no) + AC_MSG_FAILURE([Fix problem or use --disable-kernel-module...])) + AC_MSG_RESULT(yes)]) ++ ++AC_DEFUN([LINUX_KBUILD_USES_EXTRA_CFLAGS], [ ++ AC_MSG_CHECKING([if linux kbuild requires EXTRA_CFLAGS]) ++ save_CPPFLAGS="$CPPFLAGS" ++ CPPFLAGS=-Wall ++ AC_TRY_KBUILD( ++[#include ++#include ], ++ [], ++ ac_linux_kbuild_requires_extra_cflags=no, ++ ac_linux_kbuild_requires_extra_cflags=yes) ++ CPPFLAGS="$save_CPPFLAGS" ++ AC_MSG_RESULT($ac_linux_kbuild_requires_extra_cflags)]) +--- openafs.orig/src/cf/linux-test4.m4 ++++ openafs/src/cf/linux-test4.m4 +@@ -894,3 +894,58 @@ + ac_cv_linux_fs_struct_fop_has_sendfile=no)]) + AC_MSG_RESULT($ac_cv_linux_fs_struct_fop_has_sendfile)]) + ++AC_DEFUN([LINUX_FS_STRUCT_FOP_HAS_SPLICE], [ ++ AC_MSG_CHECKING([for splice_write and splice_read in struct file_operations]) ++ AC_CACHE_VAL([ac_cv_linux_fs_struct_fop_has_splice], [ ++ AC_TRY_KBUILD( ++[#include ], ++[struct file_operations _fop; ++_fop.splice_write(NULL, NULL, NULL, 0, 0); ++_fop.splice_read(NULL, NULL, NULL, 0, 0);], ++ ac_cv_linux_fs_struct_fop_has_splice=yes, ++ ac_cv_linux_fs_struct_fop_has_splice=no)]) ++ AC_MSG_RESULT($ac_cv_linux_fs_struct_fop_has_splice)]) ++ ++AC_DEFUN([LINUX_KEY_TYPE_H_EXISTS], [ ++ AC_MSG_CHECKING([whether linux/key-type.h exists]) ++ AC_CACHE_VAL([ac_cv_linux_key_type_h_exists], [ ++ AC_TRY_KBUILD( ++[#include ], ++[return;], ++ ac_cv_linux_key_type_h_exists=yes, ++ ac_cv_linux_key_type_h_exists=no)]) ++ AC_MSG_RESULT($ac_cv_linux_key_type_h_exists)]) ++ ++AC_DEFUN([LINUX_HAVE_CURRENT_KERNEL_TIME], [ ++ AC_MSG_CHECKING([for current_kernel_time()]) ++ AC_CACHE_VAL([ac_cv_linux_have_current_kernel_time], [ ++ AC_TRY_KBUILD( ++[#include ], ++[struct timespec s = current_kernel_time();], ++ ac_cv_linux_have_current_kernel_time=yes, ++ ac_cv_linux_have_current_kernel_time=no)]) ++ AC_MSG_RESULT($ac_cv_linux_have_current_kernel_time)]) ++ ++AC_DEFUN([LINUX_KMEM_CACHE_INIT], [ ++ AC_MSG_CHECKING([for new kmem_cache init function parameters]) ++ AC_CACHE_VAL([ac_cv_linux_kmem_cache_init], [ ++ AC_TRY_KBUILD( ++[#include ], ++[extern struct kmem_cache *kmem_cache_create(const char *, size_t, size_t, ++ unsigned long, ++ void (*)(struct kmem_cache *, void *)); ++return;], ++ ac_cv_linux_kmem_cache_init=yes, ++ ac_cv_linux_kmem_cache_init=no)]) ++ AC_MSG_RESULT($ac_cv_linux_kmem_cache_init)]) ++ ++AC_DEFUN([LINUX_SYSCTL_TABLE_CHECKING], [ ++ AC_MSG_CHECKING([for sysctl table checking]) ++ AC_CACHE_VAL([ac_cv_linux_sysctl_table_checking], [ ++ AC_TRY_KBUILD( ++[#include ], ++[ sysctl_check_table(NULL);], ++ ac_cv_linux_sysctl_table_checking=yes, ++ ac_cv_linux_sysctl_table_checking=no)]) ++ AC_MSG_RESULT($ac_cv_linux_sysctl_table_checking)]) ++ diff --git a/debian/patches/multiple-local-realms b/debian/patches/multiple-local-realms new file mode 100644 index 000000000..c2655613a --- /dev/null +++ b/debian/patches/multiple-local-realms @@ -0,0 +1,578 @@ +Enable listing multiple realms in the server krb.conf file. Up to four +realms may be treated as local in that fashion for authorization +purposes (instead of the single realm supported without this patch). + +This upstream patch is in the 1.5 series but not in 1.4. However, it +has been working in production at Stanford University for some time. + +--- openafs.orig/src/audit/audit.c ++++ openafs/src/audit/audit.c +@@ -447,12 +447,43 @@ + } + if ((clen = strlen(tcell))) { + #if defined(AFS_ATHENA_STDENV) || defined(AFS_KERBREALM_ENV) +- static char local_realm[AFS_REALM_SZ] = ""; +- if (!local_realm[0]) { +- if (afs_krb_get_lrealm(local_realm, 0) != 0 /*KSUCCESS*/) +- strncpy(local_realm, "UNKNOWN.LOCAL.REALM", AFS_REALM_SZ); ++ static char local_realms[AFS_NUM_LREALMS][AFS_REALM_SZ]; ++ static int num_lrealms = -1; ++ int i, lrealm_match; ++ ++ if (num_lrealms == -1) { ++ for (i=0; i= sizeof(vname)) + goto done; + strcat(vname, "@"); +--- openafs.orig/src/auth/userok.c ++++ openafs/src/auth/userok.c +@@ -403,7 +403,9 @@ + + afs_uint32 exp; + static char lcell[MAXCELLCHARS] = ""; +- static char lrealm[AFS_REALM_SZ] = ""; ++ static char lrealms[AFS_NUM_LREALMS][AFS_REALM_SZ]; ++ static int num_lrealms = -1; ++ int lrealm_match = 0, i; + + /* get auth details from server connection */ + code = +@@ -440,11 +442,40 @@ + /* if running a krb environment, also get the local realm */ + /* note - this assumes AFS_REALM_SZ <= MAXCELLCHARS */ + /* just set it to lcell if it fails */ +- if (!lrealm[0]) { +- if (afs_krb_get_lrealm(lrealm, 0) != 0) /* KSUCCESS */ +- strncpy(lrealm, lcell, AFS_REALM_SZ); ++ if (num_lrealms == -1) { ++ for (i=0; i"); + flag = 1; + +- /* cell of connection matches local cell or krb4 realm */ +- } else if (!strcasecmp(tcell, lcell) || !strcasecmp(tcell, lrealm)) { ++ /* cell of connection matches local cell or one of the realms */ ++ } else if (!strcasecmp(tcell, lcell) || lrealm_match) { + if ((tmp = CompFindUser(adir, tname, ".", tinst, NULL))) { + strcpy(uname, tmp); + flag = 1; +@@ -467,7 +498,6 @@ + flag = 1; + #endif + } +- + /* cell of conn doesn't match local cell or realm */ + } else { + if ((tmp = CompFindUser(adir, tname, ".", tinst, tcell))) { +--- openafs.orig/src/config/afs_sysnames.h ++++ openafs/src/config/afs_sysnames.h +@@ -286,4 +286,6 @@ + #ifdef AFS_KERBREALM_ENV + #define AFS_REALM_SZ 64 + #endif ++/* Specifies the number of equivalent local realm names */ ++#define AFS_NUM_LREALMS 4 + #endif /* __AFS_SYSNAMES_INCL_ENV_ */ +--- openafs.orig/src/ptserver/ptprocs.c ++++ openafs/src/ptserver/ptprocs.c +@@ -93,6 +93,7 @@ + extern afs_int32 Initdb(); + extern int pr_noAuth; + extern afs_int32 initd; ++extern char *pr_realmName; + afs_int32 iNewEntry(), newEntry(), whereIsIt(), dumpEntry(), addToGroup(), + nameToID(), Delete(), removeFromGroup(); + afs_int32 getCPS(), getCPS2(), getHostCPS(), listMax(), setMax(), listEntry(); +@@ -178,22 +179,9 @@ + if (exp < FT_ApproxTime()) + goto done; + #endif +- if (strlen(tcell)) { +- extern char *pr_realmName; +-#if defined(AFS_ATHENA_STDENV) || defined(AFS_KERBREALM_ENV) +- static char local_realm[AFS_REALM_SZ] = ""; +- if (!local_realm[0]) { +- if (afs_krb_get_lrealm(local_realm, 0) != 0 /*KSUCCESS*/) +- strncpy(local_realm, pr_realmName, AFS_REALM_SZ); +- } +-#endif +- if ( +-#if defined(AFS_ATHENA_STDENV) || defined(AFS_KERBREALM_ENV) +- strcasecmp(local_realm, tcell) && +-#endif +- strcasecmp(pr_realmName, tcell)) +- foreign = 1; +- } ++ if (tcell[0]) ++ foreign = afs_is_foreign_ticket_name(name,inst,tcell,pr_realmName); ++ + strncpy(vname, name, sizeof(vname)); + if (ilen = strlen(inst)) { + if (strlen(vname) + 1 + ilen >= sizeof(vname)) +@@ -640,7 +628,24 @@ + ABORT_WITH(tt, code); + + for (i = 0; i < aname->namelist_len; i++) { +- code = NameToID(tt, aname->namelist_val[i], &aid->idlist_val[i]); ++ char vname[256]; ++ char *nameinst, *cell; ++ ++ strncpy(vname, aname->namelist_val[i], sizeof(vname)); ++ vname[sizeof(vname)-1] ='\0'; ++ ++ nameinst = vname; ++ cell = strchr(vname, '@'); ++ if (cell) { ++ *cell = '\0'; ++ cell++; ++ } ++ ++ if (cell && afs_is_foreign_ticket_name(nameinst,NULL,cell,pr_realmName)) ++ code = NameToID(tt, aname->namelist_val[i], &aid->idlist_val[i]); ++ else ++ code = NameToID(tt, nameinst, &aid->idlist_val[i]); ++ + if (code != PRSUCCESS) + aid->idlist_val[i] = ANONYMOUSID; + osi_audit(PTS_NmToIdEvent, code, AUD_STR, +@@ -2281,7 +2286,6 @@ + } + #endif /* IP_WILDCARDS */ + +- + afs_int32 + WhoIsThisWithName(acall, at, aid, aname) + struct rx_call *acall; +@@ -2309,11 +2313,12 @@ + } else if (code == 2) { /* kad class */ + + int clen; +- extern char *pr_realmName; + + if ((code = rxkad_GetServerInfo(acall->conn, NULL, 0 /*was &exp */ , + name, inst, tcell, NULL))) + goto done; ++ ++ + strncpy(vname, name, sizeof(vname)); + if ((ilen = strlen(inst))) { + if (strlen(vname) + 1 + ilen >= sizeof(vname)) +@@ -2322,19 +2327,9 @@ + strcat(vname, inst); + } + if ((clen = strlen(tcell))) { ++ int foreign = afs_is_foreign_ticket_name(name,inst,tcell,pr_realmName); + +-#if defined(AFS_ATHENA_STDENV) || defined(AFS_KERBREALM_ENV) +- static char local_realm[AFS_REALM_SZ] = ""; +- if (!local_realm[0]) { +- if (afs_krb_get_lrealm(local_realm, 0) != 0 /*KSUCCESS*/) +- strncpy(local_realm, pr_realmName, AFS_REALM_SZ); +- } +-#endif +- if ( +-#if defined(AFS_ATHENA_STDENV) || defined(AFS_KERBREALM_ENV) +- strcasecmp(local_realm, tcell) && +-#endif +- strcasecmp(pr_realmName, tcell)) { ++ if (foreign) { + if (strlen(vname) + 1 + clen >= sizeof(vname)) + goto done; + strcat(vname, "@"); +--- openafs.orig/src/util/afsutil_prototypes.h ++++ openafs/src/util/afsutil_prototypes.h +@@ -74,7 +74,8 @@ + + /* get_krbrlm.c */ + extern int afs_krb_get_lrealm(char *r, int n); +- ++extern int afs_krb_exclusion(char *name); ++extern int afs_is_foreign_ticket_name(char *tname, char *tinst, char * tcell, char *localrealm); + /* hostparse.c */ + extern struct hostent *hostutil_GetHostByName(register char *ahost); + extern char *hostutil_GetNameByINet(afs_uint32 addr); +--- openafs.orig/src/util/dirpath.c ++++ openafs/src/util/dirpath.c +@@ -365,6 +365,8 @@ + pathp = dirPathArray[AFSDIR_SERVER_MIGRATELOG_FILEPATH_ID]; + AFSDIR_SERVER_FILEPATH(pathp, AFSDIR_MIGR_DIR, AFSDIR_MIGRATE_LOGNAME); + ++ pathp = dirPathArray[AFSDIR_SERVER_KRB_EXCL_FILEPATH_ID]; ++ AFSDIR_SERVER_FILEPATH(pathp, AFSDIR_SERVER_ETC_DIR, AFSDIR_KRB_EXCL_FILE); + + /* client file paths */ + #ifdef AFS_NT40_ENV +--- openafs.orig/src/util/dirpath.hin ++++ openafs/src/util/dirpath.hin +@@ -144,6 +144,7 @@ + #define AFSDIR_BOSVR_FILE "bosserver" + #define AFSDIR_VOLSERLOG_FILE "VolserLog" + #define AFSDIR_AUDIT_FILE "Audit" ++#define AFSDIR_KRB_EXCL_FILE "krb.excl" + + #define AFSDIR_ROOTVOL_FILE "RootVolume" + #define AFSDIR_HOSTDUMP_FILE "hosts.dump" +@@ -262,6 +263,7 @@ + AFSDIR_SERVER_MIGRATELOG_FILEPATH_ID, + AFSDIR_SERVER_BIN_FILE_DIRPATH_ID, + AFSDIR_CLIENT_CELLALIAS_FILEPATH_ID, ++ AFSDIR_SERVER_KRB_EXCL_FILEPATH_ID, + AFSDIR_PATHSTRING_MAX } afsdir_id_t; + + /* getDirPath() returns a pointer to a string from an internal array of path strings +@@ -329,6 +331,7 @@ + #define AFSDIR_SERVER_WEIGHTING_CONSTANTS_FILEPATH getDirPath(AFSDIR_SERVER_WEIGHTING_CONSTANTS_FILEPATH_ID) + #define AFSDIR_SERVER_THRESHOLD_CONSTANTS_FILEPATH getDirPath(AFSDIR_SERVER_THRESHOLD_CONSTANTS_FILEPATH_ID) + #define AFSDIR_SERVER_MIGRATELOG_FILEPATH getDirPath(AFSDIR_SERVER_MIGRATELOG_FILEPATH_ID) ++#define AFSDIR_SERVER_KRB_EXCL_FILEPATH getDirPath(AFSDIR_SERVER_KRB_EXCL_FILEPATH_ID) + + /* client file paths */ + #define AFSDIR_CLIENT_THISCELL_FILEPATH getDirPath(AFSDIR_CLIENT_THISCELL_FILEPATH_ID) +--- openafs.orig/src/util/dirpath_nt.h ++++ openafs/src/util/dirpath_nt.h +@@ -135,6 +135,7 @@ + #define AFSDIR_BOSVR_FILE "bosserver" + #define AFSDIR_VOLSERLOG_FILE "VolserLog" + #define AFSDIR_AUDIT_FILE "Audit" ++#define AFSDIR_KRB_EXCL_FILE "krb.excl" + + #define AFSDIR_ROOTVOL_FILE "RootVolume" + #define AFSDIR_HOSTDUMP_FILE "hosts.dump" +@@ -257,6 +258,7 @@ + AFSDIR_SERVER_MIGRATELOG_FILEPATH_ID, + AFSDIR_SERVER_BIN_FILE_DIRPATH_ID, + AFSDIR_CLIENT_CELLALIAS_FILEPATH_ID, ++ AFSDIR_SERVER_KRB_EXCL_FILEPATH_ID, + AFSDIR_PATHSTRING_MAX + } afsdir_id_t; + +@@ -325,6 +327,7 @@ + #define AFSDIR_SERVER_WEIGHTING_CONSTANTS_FILEPATH getDirPath(AFSDIR_SERVER_WEIGHTING_CONSTANTS_FILEPATH_ID) + #define AFSDIR_SERVER_THRESHOLD_CONSTANTS_FILEPATH getDirPath(AFSDIR_SERVER_THRESHOLD_CONSTANTS_FILEPATH_ID) + #define AFSDIR_SERVER_MIGRATELOG_FILEPATH getDirPath(AFSDIR_SERVER_MIGRATELOG_FILEPATH_ID) ++#define AFSDIR_SERVER_KRB_EXCL_FILEPATH getDirPath(AFSDIR_SERVER_KRB_EXCL_FILEPATH_ID) + + /* client file paths */ + #define AFSDIR_CLIENT_THISCELL_FILEPATH getDirPath(AFSDIR_CLIENT_THISCELL_FILEPATH_ID) +--- openafs.orig/src/util/get_krbrlm.c ++++ openafs/src/util/get_krbrlm.c +@@ -26,21 +26,148 @@ + #define KSUCCESS 0 + #define KFAILURE (-1) + ++static char * ++parse_str(char *buffer, char *result, int size) ++{ ++ int n=0; ++ ++ if (!buffer) ++ goto cleanup; ++ ++ while (*buffer && isspace(*buffer)) ++ buffer++; ++ while (*buffer && !isspace(*buffer)) { ++ if (n < size - 1) { ++ *result++=*buffer++; ++ n++; ++ } else { ++ buffer++; ++ } ++ } ++ ++ cleanup: ++ *result='\0'; ++ return buffer; ++} ++ ++ + int + afs_krb_get_lrealm(char *r, int n) + { ++ char linebuf[2048]; ++ char tr[AFS_REALM_SZ] = ""; ++ char *p; + FILE *cnffile/*, *fopen()*/; ++ int i; ++ int rv = KFAILURE; + +- if (n > 1) +- return (KFAILURE); /* Temporary restriction */ ++ *r = '\0'; + + if ((cnffile = fopen(AFSDIR_SERVER_KCONF_FILEPATH, "r")) == NULL) { + return (KFAILURE); + } +- if (fscanf(cnffile, "%s", r) != 1) { +- (void)fclose(cnffile); +- return (KFAILURE); ++ if (fgets(linebuf, sizeof(linebuf)-1, cnffile) == NULL) { ++ goto cleanup; ++ } ++ linebuf[sizeof(linebuf)-1] = '\0'; ++ for (i=0, p=linebuf; i<=n && *p; i++) { ++ p = parse_str(p, tr, AFS_REALM_SZ); ++ } ++ ++ if (*tr) { ++ strcpy(r,tr); ++ rv = KSUCCESS; ++ } ++ ++ cleanup: ++ (void)fclose(cnffile); ++ return rv; ++} ++ ++int ++afs_krb_exclusion(char * name) ++{ ++ char linebuf[2048]; ++ char excl_name[256] = ""; ++ FILE *cnffile/*, *fopen()*/; ++ int exclude = 0; ++ ++ if ((cnffile = fopen(AFSDIR_SERVER_KRB_EXCL_FILEPATH, "r")) == NULL) ++ return exclude; ++ ++ for (;;) { ++ if (fgets(linebuf, sizeof(linebuf)-1, cnffile) == NULL) { ++ goto cleanup; ++ } ++ linebuf[sizeof(linebuf)-1] = '\0'; ++ parse_str(linebuf, excl_name, sizeof(excl_name)); ++ ++ if (!strcmp(name,excl_name)) { ++ exclude = 1; ++ break; ++ } + } ++ ++ cleanup: + (void)fclose(cnffile); +- return (KSUCCESS); ++ return exclude; ++} ++ ++int ++afs_is_foreign_ticket_name(char *tname, char *tinst, char * tcell, char *localrealm) ++{ ++ int foreign = 0; ++ ++ if (localrealm && strcasecmp(localrealm, tcell)) ++ foreign = 1; ++ ++#if defined(AFS_ATHENA_STDENV) || defined(AFS_KERBREALM_ENV) ++ if (foreign) { ++ static char local_realms[AFS_NUM_LREALMS][AFS_REALM_SZ]; ++ static int num_lrealms = -1; ++ int lrealm_match, i; ++ char uname[256]; ++ ++ if (num_lrealms == -1) { ++ for (i=0; i= PR_MAXNAMELEN) { + ViceLog(2, + ("MapName: Name too long, using AnonymousID for %s@%s\n", +--- openafs.orig/src/viced/viced.c ++++ openafs/src/viced/viced.c +@@ -1077,7 +1077,8 @@ + return -1; + } + } else if (!strcmp(argv[i], "-realm")) { +- extern char local_realm[AFS_REALM_SZ]; ++ extern char local_realms[AFS_NUM_LREALMS][AFS_REALM_SZ]; ++ extern int num_lrealms; + if ((i + 1) >= argc) { + fprintf(stderr, "missing argument for -realm\n"); + return -1; +@@ -1088,7 +1089,15 @@ + AFS_REALM_SZ); + return -1; + } +- strncpy(local_realm, argv[i], AFS_REALM_SZ); ++ if (num_lrealms == -1) ++ num_lrealms = 0; ++ if (num_lrealms >= AFS_NUM_LREALMS) { ++ printf ++ ("a maximum of %d -realm arguments can be specified.\n", ++ AFS_NUM_LREALMS); ++ return -1; ++ } ++ strncpy(local_realms[num_lrealms++], argv[i], AFS_REALM_SZ); + } else if (!strcmp(argv[i], "-udpsize")) { + if ((i + 1) >= argc) { + printf("You have to specify -udpsize \n"); diff --git a/debian/patches/series b/debian/patches/series index e4dfee1c1..3e4513d15 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -10,3 +10,6 @@ ucontext-everywhere find-core-files ktc-prototypes afs-man-name +linux-2.6.24 +alloc-vnode +multiple-local-realms diff --git a/debian/rules b/debian/rules index baf4439d1..5eb4d9ecd 100755 --- a/debian/rules +++ b/debian/rules @@ -46,8 +46,8 @@ DOC_PACKAGES = libpam-openafs-kaserver openafs-dbserver openafs-fileserver \ # These variable is used only by get-orig-source, which will normally only be # run by maintainers. -VERSION = 1.4.5 -DEBVERS = 1.4.5.dfsg1 +VERSION = 1.4.6 +DEBVERS = 1.4.6.dfsg1 UPSTREAM = /afs/grand.central.org/software/openafs/$(VERSION) # Download the upstream source, merge in the doc tarball, and do the @@ -80,9 +80,10 @@ configure-stamp: patch --with-afs-sysname=$(SYS_NAME) --disable-kernel-module \ --prefix=/usr --mandir=\$${prefix}/share/man \ --sysconfdir=/etc --libexecdir=/usr/lib \ - --localstatedir=/var/lib --enable-supergroups \ - --enable-largefile-fileserver --enable-debug --enable-lwp-debug \ - --with-krb5-conf=/usr/bin/krb5-config \ + --localstatedir=/var/lib --with-krb5-conf=/usr/bin/krb5-config \ + --enable-supergroups --enable-largefile-fileserver \ + --enable-bos-new-config \ + --enable-debug --enable-lwp-debug \ $(DEBIAN_OPT_FLAGS) $(SYSTEM) chmod a+x src/libafs/make_kbuild_makefile.pl touch configure-stamp diff --git a/src/viced/afsfileprocs.c b/src/viced/afsfileprocs.c index d4308ad76..31dce6346 100644 --- a/src/viced/afsfileprocs.c +++ b/src/viced/afsfileprocs.c @@ -29,7 +29,7 @@ #include RCSID - ("$Header: /cvs/openafs/src/viced/afsfileprocs.c,v 1.81.2.43 2007/08/21 08:28:37 jaltman Exp $"); + ("$Header: /cvs/openafs/src/viced/afsfileprocs.c,v 1.81.2.43.2.1 2007/12/13 20:59:29 shadow Exp $"); #include #include @@ -6112,7 +6112,9 @@ common_GiveUpCallBacks(struct rx_call *acall, struct AFSCBFids *FidArray, (tcon->peer ? tcon->peer->host : 0))); errorCode = GetClient(tcon, &client); if (!errorCode) { + H_LOCK; DeleteAllCallBacks_r(client->host, 1); + H_UNLOCK; PutClient(&client); } } else { diff --git a/src/viced/callback.c b/src/viced/callback.c index 66f674e22..ecc017f58 100644 --- a/src/viced/callback.c +++ b/src/viced/callback.c @@ -83,7 +83,7 @@ #include RCSID - ("$Header: /cvs/openafs/src/viced/callback.c,v 1.55.2.18 2007/10/24 15:37:32 shadow Exp $"); + ("$Header: /cvs/openafs/src/viced/callback.c,v 1.55.2.18.2.2 2007/12/13 20:57:11 shadow Exp $"); #include #include /* for malloc() */ @@ -493,7 +493,7 @@ CDelPtr(register struct FileEntry *fe, register afs_uint32 * cbp, CcdelB++; *cbp = cb->cnext; FreeCB(cb); - if (deletefe && (--fe->ncbs == 0)) + if ((--fe->ncbs == 0) && deletefe) FDel(fe); return 0; } @@ -1030,6 +1030,7 @@ DeleteFileCallBacks(AFSFid * fid) TDel(cb); HDel(cb); FreeCB(cb); + fe->ncbs--; } FDel(fe); H_UNLOCK; @@ -1860,7 +1861,7 @@ ReadDump(char *file) read(fd, &tfirst, sizeof(tfirst)); read(fd, &freelisthead, sizeof(freelisthead)); CB = ((struct CallBack - *)(calloc(cbstuff.nblks, sizeof(struct FileEntry)))) - 1; + *)(calloc(cbstuff.nblks, sizeof(struct CallBack)))) - 1; FE = ((struct FileEntry *)(calloc(cbstuff.nblks, sizeof(struct FileEntry)))) - 1; CBfree = (struct CallBack *)itocb(freelisthead); diff --git a/src/viced/host.c b/src/viced/host.c index 25ce9907f..d9d1e2ebd 100644 --- a/src/viced/host.c +++ b/src/viced/host.c @@ -11,7 +11,7 @@ #include RCSID - ("$Header: /cvs/openafs/src/viced/host.c,v 1.57.2.49 2007/09/07 03:55:40 shadow Exp $"); + ("$Header: /cvs/openafs/src/viced/host.c,v 1.57.2.49.2.1 2007/12/13 20:55:42 shadow Exp $"); #include #include @@ -1558,6 +1558,7 @@ h_GetHost_r(struct rx_connection *tcon) host->interface ? uuid2 : "")); /* The host in the cache is not the host for this connection */ + h_Lock_r(host); host->hostFlags |= HOSTDELETED; host->hostFlags &= ~HWHO_INPROGRESS; h_Unlock_r(host); diff --git a/src/viced/viced.c b/src/viced/viced.c index d785225af..45cd382ef 100644 --- a/src/viced/viced.c +++ b/src/viced/viced.c @@ -20,7 +20,7 @@ #include RCSID - ("$Header: /cvs/openafs/src/viced/viced.c,v 1.58.2.19 2007/01/12 05:23:44 shadow Exp $"); + ("$Header: /cvs/openafs/src/viced/viced.c,v 1.58.2.19.2.1 2007/12/13 21:00:43 shadow Exp $"); #include #include @@ -699,6 +699,9 @@ ShutDownAndCore(int dopanic) } } + if (dopanic) + assert(0); + exit(0); } /*ShutDown */ diff --git a/src/vol/partition.c b/src/vol/partition.c index 2aefc61f0..4be5350fc 100644 --- a/src/vol/partition.c +++ b/src/vol/partition.c @@ -21,7 +21,7 @@ #include RCSID - ("$Header: /cvs/openafs/src/vol/partition.c,v 1.30.2.4 2007/05/10 22:44:12 shadow Exp $"); + ("$Header: /cvs/openafs/src/vol/partition.c,v 1.30.2.4.2.1 2007/12/13 21:01:58 shadow Exp $"); #include #ifdef AFS_NT40_ENV @@ -440,7 +440,7 @@ VAttachPartitions(void) /* but allow zfs too if we're in the NAMEI environment */ if ( #ifdef AFS_NAMEI_ENV - ((!(strcmp(mnt.mnt_fstype, "ufs") && + (((strcmp(mnt.mnt_fstype, "ufs") && strcmp(mnt.mnt_fstype, "zfs")))) #else (strcmp(mnt.mnt_fstype, "ufs") != 0) -- 2.39.5